Cisco AnyConnect for the iPhone

Three days ago, Cisco has released the Cisco AnyConnect Secure Mobility Client for the iPhone (iOS 4), but what is it? The Cisco AnyConnect Secure Mobility Client provides remote users with secure VPN connections to the Cisco ASA 5500 Series using the Secure Socket Layer (SSL) protocol and the Datagram TLS (DTLS) protocol.

The Cisco AnyConnect Secure Mobility Client for Apple iOS provides seamless and secure remote access to enterprise networks. The client provides a full tunneling experience that allows any installed application to communicate as though connected directly to the enterprise network. It runs on Apple iOS version 4.1 or later and supports connections to IPv4 and IPv6 resources over an IPv4 network tunnel. It is available from the iTunes App Store. All distribution and updates will be provided from the App Store, not the ASA.

iPad (it is expected to be available with the release of Apple iOS 4.2)

The following AnyConnect features are supported:

Tunnel Protocols

Cisco SSL Tunnelling Protocol (CSTP)

Cisco DTLS Tunnelling Protocol (CDTP)

SSL Cipher Suites

AES256-SHA

AES128-SHA

DES-CBC3

RC4-SHA

RC4-MD5

DES-CBC-SHA

DTLS Cipher Suites

AES256-SHA

AES128-SHA

DES-CBC3

DES-CBC-SHA

Authentication

Client Certificate Authentication

Routing Policy

Tunnel All

Split Include

Split Exclude

Simultaneous full-tunnel and clientless connections

Rekey

Network Roaming

TLS Compression

Cisco Profile Support

Profile Update

IPv6 over IPv4

Post-Login Banner

Dead Peer Detection

Tunnel Keep-Alive

Backup Server List

Default Domain

Cluster Support

DNS Server Configuration

Private-side Proxy Support

Network Change Monitoring

Statistics

Graphical User Interface

Pre-login Banner

AnyConnect Secure Certificate Enrollment Protocol (SCEP)

Certificate Import

Limitations of the AnyConnect Secure Mobility Client for Apple iOS
The initial release of Cisco AnyConnect Secure Mobility Client for Apple iOS supports only the features that are strictly related to remote access.

However, full network roaming capabilities are not supported for VPN configurations created with the iPhone Configuration Utility. If your users require this functionality you should use an AnyConnect profile.

Only a single AnyConnect XML profile is supported on the iOS device, and the contents of the generated configuration will always match the most recent profile. For example, if a user goes to vpn.example1.com and then goes to vpn.example2.com, the configuration for vpn.example1.com would be replaced with the one for vpn.example2.com unless the configurations are the same.

Tunnel Keep-Alive is supported, but this may reduce the battery life of the device if the update interval is set to the minimum value.